vercel[bot]
commented
1 year ago The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Updated (UTC) |
|---|---|---|---|
| dbdev | ✅ Ready (Inspect) | Visit Preview | Aug 31, 2023 5:43pm |
Closed olirice closed 1 year ago
vercel[bot]
commented
1 year ago The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Updated (UTC) |
|---|---|---|---|
| dbdev | ✅ Ready (Inspect) | Visit Preview | Aug 31, 2023 5:43pm |
What kind of change does this PR introduce?
Reverts https://github.com/supabase/dbdev/pull/89 on the
public.package*views.Currently, there are no RLS policies for the
anonrole onapp.package*tables so when these views take on the permissions of the underlying tables, no packages are visible to unauthenticated clients.This was originally not noticed because it isn't visible when logged in on
database.dev.Unauthenticated users see a blank home page (see screenshot) and are currently unable to pull from the registry using the
supabase-dbdevin-database client, instead seeing an errorThis PR re-enables the homepage to populate for
anonusers and re-enables the database client.A better solution (for a later time) will be to create policies for the
anonrole and re-applysecurity_invoker=falseto the views